Updates since 2022-02-04
<PR ID>: (activity this week / total activity) summary
There was 1 Merged pull request:
-
1021: (36/88) machine-api: [OCPCLOUD-1377] Add "Azure Ultra Disks support in Machine API" enhancement (damdo)
Enable OCP users to leverage Azure Ultra Disks on Machine API provisioned hosts on Azure via Data Disks or to attach them to Machines via Persistent Volumes (PVs).
<PR ID>: (activity this week / total activity) summary
There were 5 New pull requests:
-
1027: (2/2) general: Enable ProjectRequestLimit on OpenShift 4.x (josefkarasek)
The
requestlimit.project.openshift.io/ProjectRequestLimitadmission plugin is used to impose a limit on the number of self-provisioned project(s) requested by a given user/service account. In 3.x, the limit can be specified via the master configuration file. It doesn't fit well with our targeted configuration which aims to avoid adding lots of intricately documented knobs. This is why this admission plug-in is disabled in OpenShift 4.x.Instead of wiring the admission plugin via the
openshift-apiserveroperator, we can create a validating admission webhook based on the generic-admission-server and distribute it via OperatorHub/OLM. -
1028: (11/11) cluster-logging: flow-control-api spec (pmoogi-redhat)
If the log collector cannot keep up with the rate that logs are written, some logging data will be lost. Lack of flow control these problems:
- Hard to predict and impossible to control the volume of logs.
- No control over which logs get lost.
- During an outage, log buffers build up without user control. This can cause long recovery times and very high latency when the connection is restored.
This proposal defines an API to let cluster administrators to limit logging rates, or ignore some logs entirely. Logs may still be lost if the collector cannot keep up, but administrators have more control over what is lost, and more predictability of log rates.
-
1029: (187/187) network: OVN-Kubernetes on Hypershift (squeed)
Hypershift is a new deployment model for OpenShift which removes the requirement that clusters be "self-hosted". Rather, a given hosted cluster's control plane actually resides as pods on another "management" cluster.
Adapting the OVN networking plugin to the Hypershift model requires some careful design. Specifically, OVN provides its own control plane and datastore, all of which will be hosted external to the hosted cluster.
Thus, the OpenShift OVN deployment model must be updated to support split control planes. Likewise, the Network Operator must be able to manage components on both the control plane as well as the hosted cluster.
-
1030: (10/10) monitoring: enhancements/monitoring: User-Defined Alerting and Relabeling Rules (bison)
The core OpenShift components ship a large number of Prometheus alerting rules. A 4.10-nightly cluster on AWS currently has 175 alerts defined by default, and enabling additional add-ons increases that number. Still, users have repeatedly asked for a supported method of adding additional custom rules, adjusting thresholds, or adding and modifying labels on existing platform alerting rules -- for example, changing severity labels.
These modifications are currently not possible, because the alerts are managed by operators and cannot be modified, and the addition of custom rules is explicitly unsupported at the moment. This proposal outlines a solution for allowing additional user-defined rules and relabeling operations on existing platform alerting rules.
-
1032: (2/2) general: OpenShift CoreOS Layering (provisional) (cgwalters)
Change RHEL CoreOS as shipped in OpenShift to be a "base image" that can be used as in layered container builds and then booted. This will allow custom 3rd party agents delivered via RPMs installed in a container build. The MCO will roll out and monitor these custom builds the same way it does for the "pristine" CoreOS image today.
This is the OpenShift integration of ostree native containers or CoreOS layering via the MCO.
<PR ID>: (activity this week / total activity) summary
There were 16 Active pull requests:
- 1008: (52/185) machine-api: [OCPCLOUD-1248] Add initial iteration of ControlPlaneMachineSet operator enhancement (JoelSpeed)
- 1025: (46/47) kube-apiserver: Introduce detection of stale clusteroperator conditions (mfojtik)
- 1014: (38/265) multi-arch: Heterogeneous architecture clusters (Prashanth684)
- 995: (36/225) machine-api: Add enhancement for AWS Placement Groups in Machine API (JoelSpeed)
- 1010: (21/42) authentication: add enhancement on PSa autolabeling (stlaz)
- 996: (18/176) single-node: Enhancement for enabling single-node-openshift with workers (omertuc)
- 952: (18/44) ingress: NE-585 Expose HealthCheck Interval (candita)
- 1009: (16/71) general: OpenStack Cloud Provider Config Upgrade (stephenfin)
- 1020: (9/98) ingress: Add enhancement for AWS Load Balancer operator (arjunrn)
- 987: (8/74) dns: Add the DNS-over-TLS enhancement initial draft (brandisher)
- 1023: (5/9) ingress: Add route-subdomain enhancement (Miciah)
- 958: (5/108) monitoring: enhancements/monitoring: User-defined alerting rules proposal (bison)
- 943: (4/110) etcd: [OCPCLOUD-1244] Add proposal for etcd protection mechanism during control plane scaling (JoelSpeed)
- 981: (2/136) general: Added proposal for HyperShift monitoring. (bwplotka)
- 1000: (45/152) api-review: Update enhancement proposal to support update of user-defined AWS tags (TrilokGeer)
- 1017: (1/15) helm3: helm: fix example in the documentation (zonggen)
<PR ID>: (activity this week / total activity) summary
There was 1 Closed pull request:
- 1013: (1/6) cluster-logging: LOG-1043 Flow control API enhancements. (alanconway)
<PR ID>: (activity this week / total activity) summary
There were 3 Revived (closed more than 7 days ago, but with new comments) pull requests:
- 243: (3/187) general: Enable ProjectRequestLimit on OpenShift 4.x (tkashem)
- 725: (1/50) distributed-tracing: Allow/Expose options to enable distributed tracing in components as features are added upstream (sallyom)
- 924: (1/221) oc: CLI Manager (deejross)
<PR ID>: (activity this week / total activity) summary
There were 13 Idle (no comments for at least 7 days) pull requests:
- 745: (0/131) security: Security Profiles Operator integration in OpenShift (JAORMX)
- 811: (0/71) network: Enhancement proposal for OVN secondary networks (maiqueb)
- 918: (0/92) installer: vsphere: add multiple datacenter and clusters (jcpowermac)
- 929: (0/226) api-review: [OCPNODE-747] New CRD ImageDigestMirrorSet and ImageTagMirrorSet to support AllowMirrByTags (QiWang19)
- 931: (0/74) dns: NE-367: Add logLevel and operatorLogLevel APIs for DNS (miheer)
- 937: (0/131) monitoring: support configuration of alerting notifications by application owners (simonpasquier)
- 992: (0/16) authentication: auth: add enhancement for direct kube-apiserver oidc config (stlaz)
- 994: (0/7) authentication: auth: add enhancement about pinning SCCs to pods (stlaz)
- 1002: (0/78) ingress: CFE-10: Add host-network-bind-options (Elbehery)
- 1005: (0/54) update: Synchronized upgrades in DPU clusters (danwinship)
- 1006: (0/3) storage: CSI Inline Ephemeral Volume Security (adambkaplan)
- 1019: (0/19) node-tuning: Enhancement for improving image pull via shortname security (umohnani8)
- 1003: (0/2) authentication: add log level, stage and request uri mask (ibihim)
<PR ID>: (activity this week / total activity) summary
There were 3 With lifecycle/stale or lifecycle/rotten pull requests: